protect against SSH_CLIENT_PUBLIC_KEYS containing term "MYSQLDUMP_ARGS="

Fabian Peter Hammerle 1 year ago
commit 306b9e3dc9
2 changed files with 5 additions and 1 deletions
  1. CHANGELOG.md (3 additions, 0 deletions)
  2. sshd_config (2 additions, 1 deletion)

+ 3 - 0
CHANGELOG.md

@@ -8,6 +8,9 @@ and this project adheres to [Semantic Versioning](https://semver.org/spec/v2.0.0
 ### Changed
 - `sshd`: no longer accept RSA keys < 2048 bits for authentication
 
+### Fixed
+- protect against `SSH_CLIENT_PUBLIC_KEYS` containing term "MYSQLDUMP_ARGS="
+
 ## [2.0.1] - 2021-06-20
 ### Fixed
 - entrypoint: unset no longer needed `MYSQLDUMP_ARGS` variable
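Review bot: The new "Fixed" entry does not name the component it touches, unlike the neighbouring entries (`sshd`: ... and entrypoint: ...), and it does not say what went wrong before the fix. Prefix it with `sshd`: and state the effect, for example that a `SSH_CLIENT_PUBLIC_KEYS` value containing "MYSQLDUMP_ARGS=" could end up in the arguments passed to `mysqldump` by `ForceCommand`, so that users can judge whether they need to upgrade.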

+ 2 - 1
sshd_config

@@ -41,5 +41,6 @@ PermitUserEnvironment no
 PrintMotd no
 PermitTTY no
 
+# > grep: unrecognized option: z
 # .* matches until \0
-ForceCommand exec mysqldump $(grep -o 'MYSQLDUMP_ARGS=.*' /proc/1/environ | cut -d = -f 2-)
+ForceCommand exec mysqldump $(grep -o '^MYSQLDUMP_ARGS=.*' /proc/1/environ | cut -d = -f 2-)
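Review bot: The `^` added to the grep pattern in the `ForceCommand` line anchors to the start of a newline-delimited line, not to the start of a NUL-delimited environment entry, because grep runs here without `-z` (the new comment records that this grep does not support it). The pattern therefore only matches when `MYSQLDUMP_ARGS=` is the first entry in /proc/1/environ or directly follows a newline byte, and a `SSH_CLIENT_PUBLIC_KEYS` value that contains a newline followed by "MYSQLDUMP_ARGS=" would still satisfy it; `grep -o` would then emit more than one match into the unquoted command substitution. Consider splitting on NUL before matching and taking only an entry whose name is exactly `MYSQLDUMP_ARGS`, or having the entrypoint validate `SSH_CLIENT_PUBLIC_KEYS` and reject values containing that term. The added comment "# > grep: unrecognized option: z" would also read better as a full sentence explaining that `-z` is unavailable and that this is why `^` is used instead.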